About Hayes
Quick Facts Our People Management Team Our Work Client List Case Studies Our Awards Our Partners Articles & White Papers Hayes' KLAS Comments 2011
Strategic Consulting
EMR Readiness & Planning IT Strategic Planning Stark-related Business System Selection
Revenue Cycle Management
Revenue Cycle Management EDIminer
Meaningful Use
ICD-10, HIPAA 5010
IT Consulting
Enterprise/Inpatient EMR Data Conversion Legacy Support Systems Expertise
Allscripts EpicGE Centricity Business GE Centricity EMR NextGen InterSystems
Hayes' Methodology System Implementation and Optimization Interoperability Services
Interface Simplification Strategy Web Design & Development
Interim Management
Leadership Project Resources
MDaudit Software
MDaudit™ Professional MDaudit™ Hospital MDaudit™ Client List
Media Room
Press Kit Press Releases In The News Articles & White Papers Conferences & Presentations Case Studies Our Awards
Careers
Benefits Working at Hayes Opportunities Employee Testimonials
New! Hayes Blog

Healthcare Reform’s Rising Pressure on Compliance

Healthcare Reform’s Rising Pressure on Compliance

By Robert Freedman and Lisa English

PressureLife in the “post-reform era” is changing the way hospitals and physician practices do business. Coders are scrambling to prepare for audits by a multitude of agencies now focused on revenue recovery. President Obama expects recovery of overpayments to help defray the cost of healthcare reform.

Some of the players are familiar. Comprehensive Error Rate Testing (CERT) is a CMS audit function that has been reviewing paid claims for years. The Office of the Inspector General (OIG) has long had its own targeted areas per its work plan. The new threats to the bottom line are Recovery Audit Contractors (RAC), Zone Program Integrity Contractors (ZPIC), Medicaid Integrity Contractors (MIC) and the Medicare Administrative Contractors (MAC).

Furthermore, the Fraud Enforcement and Recovery Act of 2009 (FERA) demands that providers self-disclose. The Act states that “reckless disregard for the facts,” is cause for treble damages and civil fines up to $10,000 for each case. FERA allocated $165 million to the DOJ in fiscal years 2010 and 2011 to hire fraud prosecutors and investigators. The law also dedicated $270 million to other federal agencies for the specific purpose of investigating fraud.

It is a difficult place for healthcare organizations which are already financially challenged and understaffed. It’s not that healthcare organizations are concerned solely about fraud. Under FERA guidelines, overpayments could arise from: 1) billing or coding mistakes, 2) improper or insufficient documentation, 3) patient ineligibility for Medicare or Medicaid when services were provided, 4) billing for services not covered by Medicare, 5) billing for services not "reasonable and necessary," or 6) payor error with respect to medical necessity. There is sufficient cause for concern.

No one knows how courts will apply these terms in the new law. The RAC Demonstration proved its effectiveness. Legal experts advise clients to reduce the impact by conducting self assessments of their risk, extrapolate their findings and repay the government before the bounty hunters show up. Once repayments are negotiated with CMS through the intermediaries, those claims cannot be reviewed again by an outside auditor. One healthcare CEO told an audience of over 2,000 compliance professionals at HCCA’s National Conference that the organizations which are best positioned are “those that don’t wait for the government to take back payments.” 

How Hayes Can Help
Our MDaudit™ clients can assess their exposure with a click of a mouse. They reference RAC targets, and quickly determine their exposure. See sources for RAC targets below. The provider need only establish a valid methodology for the repayment for it to be accepted. This is preferred to engaging in a lengthy appeal process with an adversary (i.e., RAC auditor) who is motivated by a 12% bounty.

Doug Arrington, Director of Billing Compliance at UT Southwestern, described his risk assessment process in a HIStalk interview in February, 2010:

“On an annual basis I do what is called a risk assessment, which takes a look at all the different risk areas that we face here in compliance. For example, I do some data mining looking at basically, what is my top 15% in volume and cost by payer. I look both at federal payers and managed care payers. Then I also look at some data mining issues that are identified by our Medicare administrative contractor here. Then we have the recovery audit contractors and our comprehensive error rate testing, and our payment error rate measurement. Then we have the Medicare integrity group.

So we have a series of audits that are being conducted by external groups that we need to make sure we’re in compliance with. I follow them on a daily basis; go out to their sites — the CERTs, the RACs, the PERMs, and the Medicaid integrity — to make sure that there aren’t any issues.

Then obviously, every October the OIG releases their work plan that I need to be focused on. Throughout the year, they also release opinions and audits results that I need to be tuned in to and to take a look at. This applies not only to the professional practice, but also the hospital side, as well.”

MDaudit Hospital gives compliance staff a window into their billing data, empowering them to quickly evaluate potential risks. It normally takes Doug’s staff weeks to evaluate their exposure to various potential risks and determine their work plan for the year. With MDaudit Hospital, the same process takes days, and the staff is able to conduct the resulting reviews in a fraction of the time.

UT Southwestern evaluates each of the risk areas to determine its potential exposure. In minutes, they can drill in on a specific risk area, such as Medicare cases for DRG 981 through 983 Extensive OR Procedure Unrelated to Principal Diagnosis. They will preview the number of cases they performed for this risk area and use this information to help determine their focus. If they performed more than 50 of these in a year, for example, they may decide to take a closer look.  With the click of a button, they can pull a random sample of inpatient and/or outpatient billed cases for any risk area and view what was billed. They can pull records for a few cases and do a review to see if they were billed properly, and they can schedule a formal audit for a larger number of cases if they feel this is warranted. Any issues uncovered in the audits are tracked and reported, allowing formal monitoring and communication of audit results.

Providers should quickly and thoroughly review their current compliance efforts and plans to ensure that they are taking all steps to minimize their risk of a government investigation or whistleblower action in this increasingly perilous environment. MDaudit provides a proven systematic approach that the nation’s leading healthcare providers have come to rely on.

Additional information can be found at these web sites:

RAC (Recovery Audit Contractors)

Demonstration                

Jurisdictions                      
RAC Approved audit issues for each Region are found at the links below
Region A (DCS)
Region B (CGI)
Region C (Connolly)
Region D (HDI)                 

MIC (Medicaid Integrity Contractors)

www.cms.gov/ProviderAudits/Downloads/mipfactsheet.pdf
www.cms.gov/ProviderAudits/Downloads/mipatoz.pdf
http://www.cms.gov/ProviderAudits/Downloads/micprocureimplementtimeline.pdf

OIG (Office of Inspector General/ Dept of Health and Human Services)

OIG Work Plan                             

Robert FreedmanRobert Freedman has 30 years of experience in the information technology field and works closely with compliance executives providing guidance on audit automation.

 

 

Lisa EnglishLisa English has 24 years of experience in software development for the healthcare industry.  Previous to Hayes, she was a development project manager at IDX.

 

 

Comments
Be the first to post a comment!

 

[Back to Top]